Facebook Apps Not HTTPS Enabled?

I much prefer to use sites with the encrypted HyperText Transfer Protocol (https) because it is a more secure connection. It is not just for banks or shopping. So I jumped on the chance to use https for my use of Facebook on more than just the login. Only now I am annoyed by the message I have to turn off https to use apps.

Switch to regular connection (http)?

Sorry! We can’t display this content while you’re viewing Facebook over a secure connection (https).

To use this app, you’ll need to switch to a regular connection (http).

First, the main Facebook address is www.facebook.com. This message occurs when going to apps.facebook.com with https. AIt means one should go to Account > Account Settings and click the “change” link next Account Security. Finally, uncheck “Secure Browsing (https): Browse Facebook on a secure connection (https) whenever possible”. better design for this message would to give a button where people could turn off this setting.Clicking the continue button turns off https. What this page does not make clear is apps users have to make a choice: 1) be more secure and not use any apps or 2) be less secure and use apps or 3) remember to switch back and forth. I suspect many people will go with the less secure option.

Second, I suspect the reason why apps.facebook.com is not protected is because the https protocol does not allow for two parties on to provide items in some elements on the same page even if both are secure. This is because one party cannot ensure another is not doing something illegitimate.

Still, there should be a handover from https to http for apps.facebook.com. A warning to users who want to have secure browsing they are no longer so would be nice. Really they should be clued in by their browser address bar, but most people would not notice that, I think.